[tor-dev] Attentive Otter: Analysis of Instantbird/Thunderbird

Mike Perry mikeperry at torproject.org
Mon Oct 7 23:33:50 UTC 2013


This outline was a collaborative effort between me and Sukhbir Singh.


Code and package URLs:
  Packages: http://instantbird.com/download-all.html
  Nightlies: http://nightly.instantbird.im/
  Instantbird Code: http://hg.instantbird.org
  Thunderbird Code: https://github.com/mozilla/releases-comm-central
  FAQ: http://instantbird.com/faq.html


Instantbird Overview:
  + Cross-platform (Windows, OS X, Linux).

  + Based on XUL+XPCOM (specifically Thunderbird). 
    + Many existing Thunderbird addons should be easy to port.

  + Periodically syncs its codebase with Thunderbird:
    - https://bugzilla.mozilla.org/show_bug.cgi?id=920801
    + Thunderbird can be used as combined secure Chat+Email communications
      software.
    + One piece of software for all secure communications is a usability win

  + Leveraging the work done on TorBirdy, we can distribute Instantbird
    and Tor (and related components) in a single package, or as a combined
    addon.
    + Use Tor Launcher as the controller (sukhe recently added Thunderbird
      support)
      + Will allow seamless zero-configuration Tor usage for normal case,
        and will share Tor Browser's future Pluggable Transport support
        with no additional effort.
      + See the TorBirdy manual for more information:
        https://trac.torproject.org/projects/tor/wiki/torbirdy#TorBirdywithTorandTorLauncher
   
  + Good protocol support:
    Currently Instantbird supports by default: AIM, Bonjour, Facebook Chat,
    Gadu-Gadu, Google Talk, Groupwise, ICQ, IRC, MSN, MySpaceIM, Netsoul,
    Odnoklassniki, QQ, Simple, Twitter, VKontakte, XMPP, Yahoo and Yahoo JAPAN.
  
  + Supports "portable version".
  
  + Instantbird is available in 14 languages; Thunderbird is available in ~65
  
  + Clean and easy to use interface.

  + We are amassing a fair amount of in-house expertise with Mozilla/XPCOM,
    which we can use for code review, UI design, etc.

  + Can also leverage our existing relationship with Mozilla to share workload
  
  
Security Properties:
  * Currently based on libpurple, but Mozilla is working to replace libpurple
    with pure JS implementations (due to both licensing and code
    quality/security issues with libpurple). Instantbird nightlies have
    this code but it must be enabled via about:config. Seems to work.
    + http://clokep.blogspot.com/2013/10/yahoo-protocol-google-summer-of-code.html
    + http://lxr.instantbird.org/instantbird/source/chat/protocols/
    + http://lxr.instantbird.org/instantbird/source/chat/protocols/xmpp/

  - No OTR support yet
    + OTR support tickets:
      https://bugzilla.instantbird.org/show_bug.cgi?id=877
      https://bugzilla.mozilla.org/show_bug.cgi?id=779052
    + For a stopgap/prototype: We can use the js-ctypes wrapper of libotr
      along with the message observer API
      + Example observer API use w/ rot13:
        http://hg.instantbird.org/addons/file/tip/rot13
      + JS-Ctypes wrapper for native libotr:
        http://gitorious.org/fireotr/fireotr/blobs/master/chrome/content/otr_wrapper.js
        + The ctypes wrapper can be converted to an XPCOM wrapper later.
    + According to sshagarwal #maildev on irc.mozilla.org, Mozilla is
      also working towards implementing all of the primitives needed for OTR (and OTR
      itself) in NSS. These are listed in this comment:
      https://bugzilla.mozilla.org/show_bug.cgi?id=779052#c17
      + We could also rely on the ctypes wrapper until native support is
        available, and possibly skip an XPCOM libotr wrapper entirely.

  + Solid proxy support. JS XMPP implementation allows you to omit DNS SRV
    and since everything goes through nsIChannels, proxy support is easy
    to verify and audit.

  + Messaging window is jailed to type=content (unlike cryptocat) and is
    additionally XSS filtered immediately prior to display:
    https://mxr.mozilla.org/comm-beta/source/chat/modules/imContentSink.jsm


Summary of Goals Met:
  Release a secure, portable chat program that sends all traffic over Tor:
    + Yes.
  Can be used with a wide variety of chat networks:
    + Yes, even without libpurple
  Uses off-the-record encryption of conversations by default:
    - Not yet, but support is coming, and it's not too hard to deploy a stopgap
  French, Spanish, and Arabic support:
    * Partly yes. Full support for French and Spanish, but Instantbird
      has no translations for Farsi or Arabic (however Thunderbird does support
      these locales and can also be used as a chat client).


-- 
Mike Perry
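
Added illustration of the proxy point under "Security Properties" (not part of the original post and not Instantbird code): a check for whether a client hands the hostname to the proxy or resolves it locally, which is the leak that local DNS SRV lookups would cause. It assumes the proxy speaks SOCKS5 (RFC 1928), as Tor's client port does; the hostname, address and port are constructed sample values.

```javascript
// Added example. Assumption: the proxy is a SOCKS5 listener (RFC 1928).
const ATYP = { IPV4: 0x01, DOMAIN: 0x03, IPV6: 0x04 };

// Build a SOCKS5 CONNECT request that carries the hostname itself, so the
// name is resolved at the proxy and never by the local resolver.
function buildConnect(host, port) {
  const name = Buffer.from(host, "ascii"); // IDNs must already be punycode
  if (name.length === 0 || name.length > 255) throw new RangeError("bad host length");
  if (!Number.isInteger(port) || port < 1 || port > 65535) throw new RangeError("bad port");
  const tail = Buffer.alloc(2);
  tail.writeUInt16BE(port, 0);
  // VER=5, CMD=1 (CONNECT), RSV=0, ATYP=3 (domain), length-prefixed name, port
  return Buffer.concat([Buffer.from([0x05, 0x01, 0x00, ATYP.DOMAIN, name.length]), name, tail]);
}

// Audit one captured client request. ok is true only when the hostname was
// passed through; an IP target means the name may have been resolved locally
// (the audit cannot tell a leak from a user-typed IP literal, so it flags both).
function auditRequest(buf) {
  if (buf.length < 7 || buf[0] !== 0x05) return { ok: false, reason: "not a SOCKS5 request" };
  const atyp = buf[3];
  let addrLen;
  if (atyp === ATYP.DOMAIN) addrLen = 1 + buf[4];
  else if (atyp === ATYP.IPV4) addrLen = 4;
  else if (atyp === ATYP.IPV6) addrLen = 16;
  else return { ok: false, reason: "unknown address type" };
  if (buf.length < 4 + addrLen + 2) return { ok: false, reason: "truncated" };

  let target;
  if (atyp === ATYP.DOMAIN) target = buf.toString("ascii", 5, 5 + buf[4]);
  else if (atyp === ATYP.IPV4) target = Array.from(buf.subarray(4, 8)).join(".");
  else target = buf.subarray(4, 20).toString("hex").match(/.{4}/g).join(":");

  const port = buf.readUInt16BE(4 + addrLen);
  const ok = atyp === ATYP.DOMAIN;
  return { ok, target, port, reason: ok ? "hostname sent to proxy" : "IP target: possible local DNS resolution" };
}

// Constructed samples: one well-formed request, one with a pre-resolved IPv4 target.
const good = auditRequest(buildConnect("xmpp.example.org", 5222));
const leaky = auditRequest(Buffer.from([0x05, 0x01, 0x00, 0x01, 192, 0, 2, 10, 0x14, 0x66]));
console.log(good, leaky);
```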